Massive Overblocking Hits Hundreds Of UK Sites
from the well,-there's-a-surprise dept
Two years ago, Techdirt reported on a very troubling ruling in the UK courts that BT had to block access to the Usenet service provider Newzbin2. At the time, many feared that this would be the thin end of the wedge, giving copyright companies an easy way to shut down other sites. And with that power, of course, would come the inevitable errors, blocking completely unrelated sites. Just how seriously those mistakes could be is shown by this recent case of massive overblocking, reported here on PC Pro:
Virgin Media and Sky-owned Be Broadband customers found they were unable to access the Radio Times website last week, after the ISPs' anti-piracy filters included the site by accident. Telefonica, which still runs Be Broadband's network said that the overblocking had actually affected around 200 legitimate websites.
Radio Times is a well-known UK TV and radio listings magazine; another major site affected was the citizen science project Zooniverse. As an Open Rights Group (ORG) post explains, the specific Radio Times address that was blocked was radiotimes.com, while www.radiotimes.com continued to function. Here's why:
Many third-party load balanced systems, for example those using Amazon's AWS [Amazon Web Services] infrastructure, are enabled by pointing CNAME records at names controlled by those third-party systems. For example www.example.com may be pointed at loadbalancer.example.net. However, "example.com" usually cannot be directly given a CNAME record (CNAME records cannot be mixed with the other record types needed such as those pointing to nameservers and mailservers). A common approach is to point "example.com" to a server that merely redirects all requests to "www.example.com".
As ORG surmised, the problem arose from a UK court decision handed down last month that allowed the Football Association Premier League Limited to block FirstRow Sports, a site for live-streaming sports events. It turned out that the latter used the redirection service http-redirection-a.dnsmadeeasy.com, which was then blocked as part of the court order. Unfortunately, hundreds of other sites, which also used that redirection service, were also blocked as a result.
From forum posts we can see that it's this redirection system, in this specific case an A record used for "http-redirection-a.dnsmadeeasy.com", that has been blocked by the ISPs -- probably a court-order-blocked site is also using the service -- making numerous sites unavailable for any request made without the "www" prefix.
This is a classic case of overblocking, but on a scale hitherto unseen in the UK. It shows why such Web blocks are very crude instruments, and how easily they can go wrong for quite subtle technical reasons. The problem is that the companies seeking the blocks can make mistakes, but the ISPs implementing the blocks don't want to become responsible for checking that the blocks are correct, and thus implement whatever is sent to them.
A post on the Zooniverse blog explains why this is so problematic:
The fact that the court could issue an order which didn’t see this coming and that the ISPs would act on it without checking that what they were doing was sensible is, in my opinion, extremely worrying. It shows how little power we as operators of a website have -- there are no guarantees that our hard work will travel along the little tubes that make up the internet to make it to your computer, and -- although Virgin were nice in this case -- it's disturbing to think we would have had no redress had they decided to keep blocking us. In the midst of a huge political argument in the UK about filtering content online, it's worth bearing in mind how a simple attempt by a multi-billion pound business to protect its revenue stream ended up, by complete and careless accident, preventing science getting done at the Zooniverse.
Sadly, we can probably expect things to get worse, as copyright companies resort to this approach more often, more mistakes are made, and more overblocks occur with little concern for the damage they cause.
Follow me @glynmoody on Twitter or identi.ca, and on Google+
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: censorship, copyright, filters, overblocking
Companies: premiere league
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
You're right though that kids shouldn't be demeaned by being compared to politicians, so maybe 'A politician in the budget room' should be the replacement saying?
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Why dont they just admit it?
Glad I live in the US... oh wait...
[ link to this | view in chronology ]
People never learn.
[ link to this | view in chronology ]
Re:
But we can TOTALLY stop pirated porn... right?!?
[ link to this | view in chronology ]
Re: Re:
"Yaaar I'll be having your booty!"
[ link to this | view in chronology ]
Re: Re:
Or a Daily Mail reader.
[ link to this | view in chronology ]
OMG! "included the site by accident. ... around 200 legitimate websites."
Yesterday's story, presumably corrected by now, though seems none of the weenies report that was brief and minor.
"At the time, many feared that this would be the thin end of the wedge, giving copyright companies an easy way to shut down other sites." -- Not many fear that now, after two years experience and yet the net goes on.
Mike Masnick on Techdirt: "its typical approach to these things: take something totally out of context, put some hysterical and inaccurate phrasing around it, dump an attention-grabbing headline on it and send it off to the press."
[ link to this | view in chronology ]
You know what, no.
You're here to stir up a mess, not to debate, not discuss, so frankly it would be a waste of my time to treat you as more mature than you are.
[ link to this | view in chronology ]
Re: You know what, no.
[ link to this | view in chronology ]
Re: OMG! "included the site by accident. ... around 200 legitimate websites."
[ link to this | view in chronology ]
Re: Re: OMG! "included the site by accident. ... around 200 legitimate websites."
What damage was caused?
Answer: None.
Absolutely none.
Nothing but brief inconvenience for those too dumb to type 'www.'. Ohmagerd. How horrible...
[ link to this | view in chronology ]
Re: Re: Re: OMG! "included the site by accident. ... around 200 legitimate websites."
Whatever. You're probably one of the idiots who bleats about your inane drivel being reported, even though they cause no damage and are equally easy to bypass.
[ link to this | view in chronology ]
Re: OMG! "included the site by accident. ... around 200 legitimate websites."
How come you're not railing against this clear abuse of power by the copyright corporations? What excuse are you going to trot out for your hypocrisy and double standards?
[ link to this | view in chronology ]
Re: OMG! "included the site by accident. ... around 200 legitimate websites."
I see. So if someone kills 200 people, that would not count as a "massive" murder, since it's less than one in a million people. Makes sense to me.
[ link to this | view in chronology ]
Re: OMG! "included the site by accident. ... around 200 legitimate websites."
If a google of sites were taken down, then we you have real problems!
[ link to this | view in chronology ]
Re: OMG! "included the site by accident. ... around 200 legitimate websites."
If your business' website was blocked for no god damn reason how would you feel?
[ link to this | view in chronology ]
Re: Re: OMG! "included the site by accident. ... around 200 legitimate websites."
[ link to this | view in chronology ]
Re: Re: OMG! "included the site by accident. ... around 200 legitimate websites."
[ link to this | view in chronology ]
Re: OMG! "included the site by accident. ... around 200 legitimate websites."
Anomalies. *RAGE* ANOMALIEEEESSSSS! *incoherent babbling* MY PRECIOUSSS!
And just to emphasize your idiocy:
Not many fear that now, after two years experience and yet the net goes on.
Several million died on WWII yet humanity goes on. And seriously, only a few million in billions of people is not massive. No issues with gas chambers and all the mass killing. Right? Asshole ;)
[ link to this | view in chronology ]
Re: OMG!
[ link to this | view in chronology ]
Then there's the cultural and educational losses that will be incurred, due to totalitarian blocking
It's simply a lose-lose situation. Incurring all kinds of public and business losses, all across the globe.
Sounds about right for the human race. Expect nothing less.
[ link to this | view in chronology ]
Is it just blocking?
Or is it interception instead of blocking, where the request is redirected to an evil server, which answers pretending to be the original server?
The Zooniverse blog post implies it is the later. If so, it is even more disturbing, as it is returning a counterfeit response to the client (which is not always a web browser), and strengthens the case for everyone to move to HTTPS-only (with certificate validation) as soon as possible.
[ link to this | view in chronology ]
Re: Is it just blocking?
[ link to this | view in chronology ]
Yesterday
[ link to this | view in chronology ]
Re: Yesterday
[ link to this | view in chronology ]
What it shows is...
We need to start awarding
"Most technically ignorant" awards to politicians and make sure they get as much media coverage as possible.
[ link to this | view in chronology ]
Re: What it shows is...
[ link to this | view in chronology ]
[ link to this | view in chronology ]
They said "The court order that requires internet service providers to block this website clearly states that any issues they have in implementing the block must be raised with the Premier League before taking any further action."
Can you imagine the size of the plums required for *that* to be your response to someone else cleaning up the collosal mess you made? Not 'thanks'. Not 'how can I repay you?' No. 'You should have left these other sites blocked till we said otherwise'.
[ link to this | view in chronology ]
Re:
'Your quick fixing of the problem brought about by our poorly thought out and implemented system, rather than waiting for us to ignore it and only fix it when it got enough press attention we could show off to made us look bad, don't do it again.'
[ link to this | view in chronology ]
Re:
What would happen if the Radio Times decided to (inadvertently or deliberately) not mention Premier League games in their publications for a week or two?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
And btw firstrosports
[ link to this | view in chronology ]
and meanwhile...
[ link to this | view in chronology ]